-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2013-02-18 15:23:14 UTC
-
Revision ID:
package-import@ubuntu.com-20130218152314-gb9ri07mya3385qw
Tags: 0.9.8k-7ubuntu8.14
* SECURITY UPDATE: denial of service via invalid OCSP key
- debian/patches/CVE-2013-0166.patch: properly handle NULL key in
crypto/asn1/a_verify.c, crypto/ocsp/ocsp_vfy.c.
- CVE-2013-0166
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
- debian/patches/CVE-2013-0169.patch: massive code changes
- CVE-2013-0169